DVO (EU) 2019/1583 examination

Verification of the implementation of the requirements according to DVO (EU) 2019/1583

This video will be loaded from YouTube while playing. By clicking here you accept the data protection declaration of HVS Consulting / IS-FOX and YouTube.

DVO examination: Why?

Airport operators must identify the KIKS used for their purposes within the scope of passenger and baggage screening (§ 5 LuftSiG), insofar as these lie within their area of responsibility, and within the scope of their own security measures (§ 8 LuftSiG). KIKS in the sense of the DVO (EU) 2015/1998 are all systems and data which, in the event of a loss of their confidentiality, integrity or availability, could lower the security level of civil aviation, in particular - electronic communications networks  - a system or a component of interconnected or interrelated systems which, individually or in combination, are based on BMI Annex I to the National Aviation Security Program - their programming, perform automatic processing of digital data, or - digital or analog data stored, processed, retrieved, or transmitted by the above elements for the purpose of their operation, use, protection, and maintenance, provided that the systems, alone or in conjunction with each other, have an impact on aviation security.

The process in detail

Plan and review

Before we start the examination, we establish the framework conditions in an initial meeting in order to provide you with the best possible added value. When can the examination take place? What are your identified KIKS? By when can you provide us with your security documents?

We then create an examination plan so you can start coordinating dates. The examination plan contains all important information about the examination. At what time which meetings will take place, when and to what extent the examination will take place, which KIKS have been selected as samples and who your auditors will be.

Before conducting the interviews, we review your security documents.

The review of them as well as the preparation of the necessary documents will take about 2 - 3 days.

< >

The examination

The examination is carried out in the form of interviews with the responsible persons as well as technical spot checks. The identified weaknesses and/or deviations from the requirements of DVO (EU) 2019/1583 are documented. Thus, we are able to provide an assessment of the effectiveness of the implemented measures.

The execution of the examination takes about 3 days (2x3 days).

 

< >

Examination report

After the examination has been completed, an examination report including a list of deficiencies is prepared. These documents must be submitted by you to the competent authority.

The examination report contains the following chapters:

  1. Management Summary: Brief summary of the examination results.
  2. Subject of the examination: Brief description of the KIKS
  3. Examination details
  4. Examination plan
  5. Examination body
  6. Examination team
  7. Classification of findings & procedure
    • The findings are classified according to DVO (EU) 2019/1583:
      • Serious or significant safety deficiencies.
      • Minor deviations or safety deficiencies.
      • Recommendations
  8. Result of the external examination according to DVO (EU) 2019/1583.
    • Assessment of your ISMS and BCMS maturity level as well as a brief justification.
    • Final evaluation including conclusion according to the chapters of DVO (EU) 2019/1583.
      • 4 - Investigations
      • 5 - Risk assessment
      • 6.1 - Safety program according to No. 1.7.2 of the Annex of the DVO (EU) 2015/1998
      • 6.2 - Prevention
      • 6.3 - Detection
      • 6.4 - Reaction
      • 7 - Approval / Testing
      • 8 - Incident handling
      • 9 - Reliability checks
      • 10 - Training
      • 11 - Monitoring
  9. Findings: Detailed description of findings
  10. Records of the examination
< >